mirror of
https://git.yoctoproject.org/poky
synced 2026-04-26 09:32:14 +02:00
9b99800fe7
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-32743 Upstream-patch: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f (From OE-Core rev: ece0fb01bf28fa114f0a6e479491b4b6f565c80c) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>